Solved

Exchange Server 2013 Enterprise - Error MSExchange ADAccess Event ID 4113

Posted on 2016-08-01
7
683 Views
Last Modified: 2016-10-12
I am having an issue with my Exchange Server saying:

Log Name:      Application
Source:        MSExchange ADAccess
Date:          8/1/2016 9:10:17 AM
Event ID:      4113
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      server
Description:
Process powershell.exe (EMS) (PID=25908). Component: Microsoft.Exchange.Data.Directory.ConfigurationSettingsADNotificationException: Error running AD operation. ---> Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Domain Controller.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, String partitionFqdn, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetConnection(String preferredServer, Boolean isWriteOperation, String optionalBaseDN, ADObjectId& rootId, ADScope scope)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetReadConnection(String preferredServer, String optionalBaseDN, ADObjectId& rootId, ADRawEntry scopeDeteriminingObject)
   at Microsoft.Exchange.Data.Directory.ADDataSession.InternalFind[TResult](ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainer(String partitionFqdn, String domainController, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ConfigurationSettings.ADConfigDriver.<>c__DisplayClass2.<LoadSettings>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---. Unable to load application settings. Exception: '%4'
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange ADAccess" />
    <EventID Qualifiers="49152">4113</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-08-01T14:10:17.000000000Z" />
    <EventRecordID>637930</EventRecordID>
    <Channel>Application</Channel>
    <Computer>server</Computer>
    <Security />
  </System>
  <EventData>
    <Data>powershell.exe (EMS)</Data>
    <Data>25908</Data>
    <Data>Microsoft.Exchange.Data.Directory.ConfigurationSettingsADNotificationException: Error running AD operation. ---&gt; Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Domain Controller.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, String partitionFqdn, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetConnection(String preferredServer, Boolean isWriteOperation, String optionalBaseDN, ADObjectId&amp; rootId, ADScope scope)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetReadConnection(String preferredServer, String optionalBaseDN, ADObjectId&amp; rootId, ADRawEntry scopeDeteriminingObject)
   at Microsoft.Exchange.Data.Directory.ADDataSession.InternalFind[TResult](ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainer(String partitionFqdn, String domainController, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ConfigurationSettings.ADConfigDriver.&lt;&gt;c__DisplayClass2.&lt;LoadSettings&gt;b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---</Data>
  </EventData>
</Event>

I've been scouring the Internet and found things relating back to 2007 and 2010 but not 2013 in particular.  I've tried some of the 2010 items to no avail.  One of the issues I'm trying to get to the bottom to is the inability to access the properties of resource mailbox pages.  Where it was an old one or a new one, I get a 500 error when I try to edit it.

Anyone see this before or have any thoughts on how best to fix this?

Regards,

Jason
0
Comment
Question by:TIDIProducts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
Ibrahim Benna earned 500 total points (awarded by participants)
ID: 41737533
How many domain controllers do you have? How many Active Directory Sites do you have identified in AD sites and Services? Do you have any Subnets identified in AD Sites and Services? Exchange is heavily reliant on this and if not configured properly you will have issues. How many physical locations do you have your domain controllers placed in?
0
 

Author Comment

by:TIDIProducts
ID: 41737548
Hi DeBlackman,

Currently I have a total of 5 domain controllers in 2 Active Directory Domains.  3 in my parent domain and 2 in my child domain.  Exchange resides in the parent domain.  I have a total of 4 sites defined in AD Sites and Services to coordinate with the physical site locations.  1 site for 2 locations in MI (because one of the sites has no AD servers in it), 1 site for HQ and 1 site for our hotsite.  The fourth site defined in there is a default first site that was created back in the day that currently has no servers assigned to it and no subnets assigned to it.  Subnets are created for all of those sites according to what's setup at each site.  I have 2 servers in MI sites, 2 in HQ site and 1 in Hotsite.  The servers that reside in each are virtual machines that are located on VM hosts in each site respectively.

Regards,

Jason
0
 

Author Comment

by:TIDIProducts
ID: 41737561
Another note.  When I do a check to determine what site the exchange server is part of, it reports the proper site where I have 2 domain controllers sitting.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 9

Expert Comment

by:Ibrahim Benna
ID: 41737576
If your default site is empty and has no subnets associated with it, I recommend to delete it.

Check you domain controllers - do you see any AD related errors or warnings being generated in event logs?
0
 

Assisted Solution

by:TIDIProducts
TIDIProducts earned 0 total points (awarded by participants)
ID: 41737604
On the System log of my FSMO DC I see a recurring Schannel error statis fatal error alert 70 was generated with an Internal state of 105.

On the Directory Service log I see an ActiveDirectory_DomainService 2887 error for the LDAP Interface where it comments about rejecting binds from SASL or LDAP.

NtFrs Event ID 13562 that I was looking into.  Talking about a conflict between two objects pointing to the same server name from the way it appears.  Related to the sites and services extra site perhaps?
0
 
LVL 9

Expert Comment

by:Ibrahim Benna
ID: 41763500
inactive post
0
 

Expert Comment

by:Member_2_6552605
ID: 41840357
use run as admin for exch powershell
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question